ZeroPaid.com » canada

PSA: The Computer Maintenance Department Scam Calls

Drew Wilson — Thu, 09 Feb 2012 18:49:55 +0000

Have you been getting those calls from people working in a call center from what sounds like India? You know, those people who claim to be from either the "Computer Maintenance Department" or the "Windows Technical Team" who then instruct you to go to your computer? Tell the select minority of people who would fall for it that these calls are a scam. We here at ZeroPaid did some digging about these calls in a public service effort.

I consider myself to be reasonably savvy when it comes to telemarketers. Whenever they come calling trying to sell me something, I ask them to put me on a do-not-call list. Asking to be put on a do-not-call list is substantially better than simply hanging up on a telemarketer because merely hanging up is technically an invitation to call back later. Most telemarketers have a system in place because it's the law and it's generally good practice. After asking numerous telemarketers to be put on a do-not-call list myself, it seems I have narrowed down the number of telemarketers down to a very select few. Those were the automated calls that ask you to press a number to claim a prize (never do this unless you want to be charged an unknown amount of money), the occasional survey calls and one particularly annoying computer related call. The computer related one comes at around twice a month. The telemarketer in question tells me that he is calling in regards to my computer. After that, he typically instructs me to go to my computer. This is where I get my chance to stop him in his tracks. It took a few attempts, with different marketers, but I managed to obtain two different names from them. They claim to be either from the "Computer Maintenance Department" or the "Windows Technical Team". This alone should be enough to set internal alarms off that this is not a legitimate call. Every time, these people would also tell me that my computer could be infected with harmful viruses and that they are calling to fix the problem. Usually, by this time, I tell them that I want to be put on a do-not-call list. Every time I've requested this, the telemarketer hangs up only to call back weeks later. To me, if these telemarketers are not even operating a do-not-call list, then that's a big warning sign that this is not legitimate. So, armed with who this is, I proceed to exercise my Google-fu to see what these people are all about. Turns out, this scam has been around for years. A user known as lowlanda on a Whirlpool forum posted in 2010 that a similar call was received asking to run some form of uncomprehendable command. In a British forum, there was a similar discussion also in 2010 about this kind of scam. Apparently, one user reported being asked to download a logmein program and was asked to pay £55 to keep Windows activated after obtaining personal information. Similar stories can be found on whocallsme as well. It turns out, this scam was so bad in the UK, police raided several websites associated with this scam. From the Guardian:

The Metropolitan police e-crime unit acted in April to take such sites down. Among those shut was supportonclick.com, registered to Pecon Software, a firm based in Kolkata. The company has now opened another support website, called onlinepccare.com, which is the subject of numerous online complaints about cold calling, "bullying", and claims that the caller is from Windows PC care.

One person recorded his adventure with this kind of scam and posted it to YouTube: There's plenty more information about this scam on digitaltoast. While the post dates clear back to 2009, the comments section points out that this scam is still going on to this day.

Microsoft's Comment

Interested that these scammers say that they are from Microsoft, we actually contacted Microsoft about this. We asked what to look for when it comes to figuring out whether or not the phone call is indeed from Microsoft or not. A Microsoft spokesperson said, "Our advice is simple; treat callers as you would treat strangers in the street – do not disclose personal or sensitive information to anyone you do not know." "Unfortunately this is not the first scam of its kind," the Microsoft spokesperson told ZeroPaid, "and it’s unlikely to be the last. The best way to avoid becoming a victim is by being aware of the threat. Consumers should also ensure the copy of Windows they are running is genuine and fully up to date, while ensuring they have installed legitimate software will guard against viruses, spyware, and other malicious software.”

CRTC's Response and Information on Reporting This Scam

With an official statement from Microsoft saying that this is a scam, ZeroPaid decided to contact the CRTC (Canadian Radio-television and Telecommunications Commission) to ask what options consumers have in terms of reporting such fraudulent phone calls; specifically, what can people do to issue a complaint about this kind of phone scam given that this scam is not compliant with the do-not-call registry. "First," the CRTC told ZeroPaid, "this is a scammer calling you, not a telemarketer. For scams/fraud, I would recommend contacting the Canadian Anti-fraud Centre (Phonebusters)." The CRTC forwarded us some links about reporting this scam and how this scam has really taken off in Canada in recent months. One link was to a press release by the RCMP detailing the scam:

OTTAWA - September 29, 2011 - The Royal Canadian Mounted Police (RCMP) and their partners at the Canadian Anti Fraud Centre (CAFC) are warning that if someone calls you claiming to be able to protect your computer from viruses, your best bet is to just hang up the phone. Don’t give the caller your computer access codes and don’t provide your credit card information. The virus scam has grown to epidemic proportions in Canada, now accounting for between 70 and 80 per cent of frauds reported daily to the CAFC. “We began noticing virus scam calls in March 2010. Since then, they’ve become an increasing proportion of our calls. Now, they’re the scam we deal with most often,” said RCMP Sgt. Paul Proulx of the CAFC. This dramatic increase means the scam is working – more and more Canadians are being targeted by the virus scam. Proulx warns, "If a scammer is able to log on to your computer then he has access to all the personal information you have stored there, including your banking information.” Here’s a typical scenario: a caller, often claiming to work for Microsoft or another reputable software company, will cold-call you and ask if your computer is running slowly or not working as it should. He will then offer to repair your computer via internet access, which can involve either software installation or the caller gaining remote control of your computer after you’ve granted him access. Payment for the software or the repair service is handled via your credit card with charges typically ranging from $35 to $470 per call. Allowing a third party to download software or remotely access your computer carries a number of serious risks. Malicious software can be installed to capture sensitive data such as your online banking user names and passwords, bank account information and your personal identity information. All of this information can be used in subsequent frauds that empty your bank accounts and charge your credit cards. Your computer can also be converted to a bot-net, which means criminals can use it without your knowledge or participation. It can then be used to spam other people, spread viruses to your friends or overload computer networks. Getting your credit card information is the second important part of the virus scam. Once a criminal has that information it can be used to make purchases without your consent. Canadians should be aware that not all virus scams are conducted over the phone. Many CAFC callers report being scammed after responding to internet pop-up ads for anti-virus software. Sgt. Proulx offers this simple advice: “If you’re really worried about viruses on your computer, be pro-active and use anti-virus software that you've acquired from reputable sources and keep it up to date. If someone calls you out of the blue offering to provide this kind of help, it’s probably a scam. Remember, it's not rude to hang up on someone who's trying to steal your money and information.” "When it comes to cyber security, we all have a role to play," said Public Safety Minister Vic Toews. "Canada's Cyber Security Strategy is the Government's plan to help secure Canada's vital cyber systems and help Canadians protect themselves, their families and their personal information online." Please visit the Canadian Anti Fraud Centre’s new website for the latest on emerging fraud trends, advice on protecting yourself and victim’s guides that will help you recover from fraud loss: www.antifraudcentre.ca. For more information on the Government of Canada's Cyber Security Strategy: www.publicsafety.gc.ca/cyber Fraud: Recognize It, Report It, Stop It.

A second link the CRTC sent us was to a page detailing how you can report a scam call:

If you have not lost any money and have not provided personal or financial information (relating to a fraud or scam), and you simply want to inform the appropriate organizations, report it to the Canadian Anti-fraud Centre by calling 1-888-495-8501 If you received a fraudulent e-mail soliciting personal or financial information (phishing scam), you should also advise the financial institution or other agency whose name was used. If you are a victim of fraud or if you unwittingly provided personal or financial information (identity fraud), follow the steps in our Victim Assistance Guide. If you are a victim of fraud and it is not related to identity fraud, contact the police service of jurisdiction in your area. Always report fraud to the Canadian Anti-Fraud Centre at info@antifraudcentre.ca or by dialing 1-888-495-8501 or on-line by visiting the CAFC website.

The third link the CRTC sent us was to the Canadian Anti-Fraud Center which contains a lot of information about how you can report scams over the phone and about recent phone scams which includes this particular one. "If, however," the CRTC told ZeroPaid, "a legitimate telemarketer calls you and breaks the DNCL rules – you can make a complaint either online or by phone. To file a complaint you need: 1. Your phone number (where the call was received) 2. The name or phone number of the telemarketer 3. The date you received the call To make a complaint online go to: lnnte-dncl.gc.ca" Note that the phone scam discussed is not a legitimate telemarketer, so if you get the computer viruses phone scam, this is best directed at the Canadian Anti-fraud Center and the RCMP. We here at ZeroPaid hope that this is valuable and informative information on this scam and how you can report it. Feel free to also discuss this scam or other phone scams in the comment section below. Note that the above information on reporting this scam is directed at Canadians. If you do not live in Canada or the UK and receive these calls, please feel free to let us know in the comments section below as we are only aware of this scam being active in the UK and in Canada. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Clarifying the Possible Canadian Surveillance Legislation

Drew Wilson — Fri, 19 Aug 2011 18:22:05 +0000

A report has surfaced that has received a fair bit of attention. The report suggests that Canada is facing a piece of internet surveillance legislation that would pretty much eliminate all due process. Naturally, this is of concern to us because we are concerned about privacy related stories, so we took a look at the report. Now, we'd like to offer some clarification on the current situation in Canada on this matter.

We here at ZeroPaid read a lot of articles in any given day. We are always on the lookout for anything that might be of interest to our readers and we combine that with our own ability to write our own original content. Part of what can make a great journalist is the courage to step outside our own comfort zone and report on things we don't necessarily know every nuance and detail. For many, that's simply a matter of reporting on things that are going on outside our own country. In a sense, it's simply looking beyond what is going on in our own back yard to understand what the rest of the neighborhood is up to. That can go a long way in being able to take lessons learned from the neighbors and be able to bring it back home. That doesn't always mean that everyone is entirely successful. Sometimes, one can absorb every single detail on a story they can gather and try as much as possible to produce an accurate report only to find that there is the odd detail here and there that someone immersed in that countries culture would be able to pick out right away. That is always the difficulty of trying to report on issues happening in countries that are, simply, not the country you come from. I think that this leads to two ways a reporter can handle this, they can either focus exclusively on what is happening in their own country, or they can take the occasional intellectual thumping in order to gain a much more rounded exposure to issues happening "abroad" (in quotes due to nature of internet) That leads us to this report from Naked Security which says that Canada is considering a bill that would pretty much eliminate due process and bring in surveillance that would make US-style surveillance seem like a fair and open transparent process. As someone from Canada, you can predict what I thought when I first heard this. I thought, "Oh no. They are actually going ahead and tabling this again!" So I read the article and it pointed to Bill C-52. I wondered if they actually kept the naming scheme to the point where they used the same numbers to boot. Since the legislation was linked in the article, it didn't take long to discover that this was not current legislation, but rather, old legislation that died on the order paper after the last election. Just looking at the date of the first reading (November 1, 2010) kind of gave a good hint of that (and, if you're a Canadian political junky, the part that says "Fortieth Parliament" is also a giveaway as the government is currently in the 41st parliament). Of course, if you're not a Canadian and don't tend to follow Canadian politics as closely as some who do reside in Canada, that might not be that obvious. For the record, the surveillance legislation at the time (deceptively dubbed "Lawful Access") was actually three bills - bill C-50, bill C-51 and, of course, bill C-52. It was complex and dealt with a lot of issues. Reading bill C-52 would technically only give you a sense of one third of what was being proposed. As you might be able to guess, like bill C-52, bills C-50 and C-51 also died on the order paper when an election was called. As I've suggested in various articles over the years, Canadians were actually saved from very bad legislation that would undermine civil liberties in the country. The author of the article on Naked Security also defended himself by saying that this is what is being mulled in government right now. He didn't say that it was necessarily tabled. This is technically true, but it's also pushing it to say that the contents of Bill C-52 is precisely what is being mulled because that might suggest that it might be tabled separately. I, personally, wouldn't go so far as to assume that what was in Bill C-52 is exactly what the government is thinking of tabling next. This is partly because the speculation is that a lot of what was being considered in the Lawful Access legislation might be rolled in to an omnibus crime bill in the next session of parliament. The fear is that this crime bill will be pushed through quickly and in such a way that a lot of the inherent flaws of previous attempted legislation would wind up being muted. This kind of concern was raised by experts featured in our previous report. In the open letter, the government was generally urged not to do anything hasty and ram surveillance legislation through - after all, it is a heavily contested area to begin with that practically pits ordinary Canadians against their own government. We don't really know what the specifics are in the crime bill. That's what makes it difficult to argue on specifics. The best we can do is look at the previous legislation and beg the government not to destroy Canadian civil rights by reinserting the type of legislation found in the Lawful Access bills into the crime bill. Personally, I'm not holding my breath that Prime Minister Harper will respect basic civil rights and since Canada has a majority government, Harper pretty much rules with an iron fist for the next few years. It's actually quite hard to fault Naked Security because there's not a whole lot the author did wrong that I can see. He looked up the legislation directly, linked to it, quoted relevant sections and had decent commentary on what was wrong with the legislation. These are all really good things to do in an article. In fact, he even brought in other examples from around the world to support his arguments which I think is always a bonus. In addition, he did raise awareness of matters of importance (and I'm happy that it's on topics that are close to home in my neck of the woods). Of course, to draw from a science example, you could follow very solid methodology like the scientific method to the letter and wind up with results that are way out in left field. I think that the author of Naked Security should continue to monitor what goes on here in Canada and not get discouraged by the feedback he got from one particular article. Fine, you could say his article might not be totally accurate or maybe even a bit misleading, but I don't think it's necessarily his fault. Give the guy a chance, he's trying at least. Following international stuff isn't really easy - believe me, I know. [Via /.] Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Opposition to Canada’s Impending Surveillance Legislation Grows

Drew Wilson — Sat, 13 Aug 2011 22:09:03 +0000

The Canadian governing party - the Conservatives - are planning an omnibus crime bill that would include surveillance legislation. While the bill is not yet tabled, opposition to this bill is mounting.

There has been suggestions that the Canadian surveillance legislation long promised, but never passes, may be bundled in to an omnibus crime bill and tabled soon. For those following this story closely, that isn't exactly news. What is news, however, is that experts, academics and organizations, among others, have stepped up to formally oppose such legislation. An open letter was recently sent to Prime Minister Stephen Harper expressing their concerns about such legislation. They cite previous bills that made up the surveillance legislation in the last government session and voiced their concerns about them. The letter (PDF) opens, "We are writing to you regarding your promise to introduce and pass within 100 days an omnibus bill incorporating a number of very different pieces of legislation." The letter continues, "We are particularly concerned that three of those bills will have serious negative implications for the privacy rights of Canadians, and that these aspects will not receive the scrutiny they deserve if rolled into an omnibus bill." "These pieces of legislation were former Bills C‐50, C‐51 and C‐52 from the last session of the previous Parliament, the ‘lawful access’ technical surveillance bills. We join Canada’s federal and provincial Privacy Commissioners in voicing our grave concerns regarding this invasive legislative mandate, as they collectively did in a letter to Deputy Minister of Public Safety dated March 9, 2011." Their main focus of concern:

The ease by which Canadians’ Internet service providers, social networks, and even their handsets and cars will be turned into tools to spy on their activities further to production and preservation orders in former Bill C‐51 – a form of spying that is bound to have serious chilling effects on online activity and communications, implicating fundamental rights and freedoms;
The minimal and inadequate amount of external oversight in place to ensure that the powers allotted in these bills are not abused;
Clause 16 of former Bill C‐52, which will allow law enforcement to force identification of anonymous online Internet users, even where there is no reason to suspect the information will be useful to any investigation and without adequate court oversight; and
The manner in which former Bill C‐52 paves the way to categorical secrecy orders that will further obscure how the sweeping powers granted in it are used and that are reminiscent of elements of the USA PATRIOT Act that were found unconstitutional.

The letter also contains a highly detailed list of concerns in the appendix section. The letter also warns that the costs of implementing such surveillance measures would ultimately be passed on to consumers since it is a new cost of doing business for ISPs. Indeed, this type of thing has precedent. In France, when the French government forced ISPs to adopt a three strikes law, the ISPs simply passed the costs of maintaining the warning system on to consumers. The letter was signed by the following:

Andrea Slane, University of Ontario Institute of Technology, Faculty of Social Science & Humanities Andrew Clement, University of Toronto, Faculty of Information British Columbia Freedom of Information and Privacy Association (BCFIPA) Canadian Association of University Teachers (CAUT) Canadian Civil Liberties Association (CCLA) Canadian Federation of Students (CFS) Christopher Parsons, University of Victoria, Department of Political Science Civil Liberties Association – National Capitol Region (CLA–NCR) Colin Bennett, University of Victoria, Department of Political Science David Lyon, FRSC, Queen’s University, Surveillance Studies Centre Ian Kerr, University of Ottawa, Faculty of Law International Civil Liberties Monitoring Group (ICLMG) Kate Milberry, University of Toronto, Faculty of Information Leslie Shade, Concordia University, Department of Communications Studies Lisa Austin, University of Toronto, Faculty of Law Michael Geist, University of Ottawa, Faculty of Law Michael Markwick, Simon Fraser University, School of Communications OpenMedia.ca Public Interest Advocacy Centre (PIAC) Samuelson‐Glushko Canadian Internet Policy & Public Interest Clinic (CIPPIC) Sharon Polsky, President, AMINACorp.ca; National Chair, Canadian Association of Professional Access & Privacy Administrators (CAPAPA) Teresa Scassa, University of Ottawa, Faculty of Law Valerie Steeves, University of Ottawa, Department of Criminology

I don't mean to sound overly pessimistic, but I think that there is one key difference between when Canadians fought very dangerous bills in the past and now. That key difference is the fact that the Conservatives have a majority government. That means that they can pass whatever bills they want without any fear of opposition. So, it wouldn't matter how much evidence or reason you present the government, Harper will simply legislate how he likes. If it drives the country in to the dark ages, it wouldn't matter because he has the power to stop any opposing voice on different debates as far as passing legislation is concerned. That's just the government Canada is stuck with. My personal hope is that Canada will have a Charter of Rights and Freedoms before Harper's term is up - or, at least a few shreds of it still intact. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Report – CRIA Goes Through Name Change

Drew Wilson — Tue, 12 Jul 2011 18:42:06 +0000

It may have been the most controversial name in the entire copyright debate, but a report is saying that you won't be able to call it by its standard name anymore. The Canadian Recording Industry Association (CRIA) has reportedly changed it's name to Music Canada.

Back room deals, hundred dollar a plate dinners, attempting to sue customers, threatening websites on questionable legal grounds, trying to import the DMCA to Canada, sued for billions for commercial scale piracy of music, tried to import a three strikes law in Canada, threatening politicians with deadlines to implement laws it wants, holding companies at ransom as a pressure tactic to implement a Canadian DMCA (i.e. Pandora), and having Canadian record labels abandon it for strategic differences. Indeed, the CRIA has made numerous headlines - many for all of the wrong reasons. For many, in Canada, CRIA was little more than the Canadian arm of the RIAA (Recording Industry Association of America) whose influence comes from primarily and, almost exclusively, the big four multinational record companies. Salvaging the public relations reputation of such an organization might seem to be a lost cause by now since their record sometimes sounds more like a rap sheet than a list of accomplishments. For some, this latest move pretty much was an admission of that. According to BillBoard magazine, the organization has decided to scrap its own name. The report says that the new name will be Music Canada. From the report: "CRIA has been very focused on copyright reform for many years and we fully expect that our efforts will be rewarded with a modern copyright framework in Canada," Henderson told Billboard. "But our role is also evolving and it was felt that in order to best support our members as they rebuild the marketplace, we needed an invigorated brand and direction. "Music Canada will champion the music industry, beginning with a new music portal that is a very positive reflection of the music community in Canada and will become a comprehensive resource for those inside and outside of our community." According to the CRIA-issued press release, this music portal is the first effort of Music Canada. Beyond the music industry, it is expected to provide information and resources to its partners in government, media and business. "Consumers will also find valuable information guiding them towards effective and legal ways to access and use music," it states. If their word is anything to go by, it is a very different attitude from before where CRIAs stance was essentially that no marketplace can flourish unless copyright laws are in place to their liking. As a case-in point, Pandora said that licensing barriers have blocked their efforts from entering Canada which, at the time, debunked the myth suggested by CRIA that it was copyright laws stopping Pandora from entering Canada. Russell McOrmond, in the mean time, wasn't really convinced about the prospects of a change in policy. He commented on the move noting that many controversial organizations changed their name in an effort to cast off bad publicity:

CANCOPY became Access Copyright, and I expect them to change their name again. This name change was spin by an increasingly controversial organization, trying to shed some of the negative feelings associated with the previous name. I suspect the Neighbouring Rights Collective of Canada became Re:Sound as part of the lobbying by "makers of sound recordings" (recording labels) to suggest they are equal or even "superior" copyright holders in the larger music industry compared to actual authors (composers). Saying they are only "Neighbours" to music copyright holders (composers) clarified their intended subservient position in the music industry.Having the lobbiest representing the major foreign record labels calling themselves "Music Canada" is a mixture of both dishonesties. It is a name change from a controversial organization, which will distract people with short memories. The name also invalidly suggests they represent the "Music" industry in "Canada". This organization doesn't represent the music industry, but the decreasingly relevant subset known as the recording industry whose interests often conflict with composers and performers who make up the critical parts of the music industry. This organization is also predominantly foreign -- they don't represent Canadian interests so much as representing foreign interests to Canadians.

I personally find myself agreeing with McOrmond here. I find it highly unlikely that an RIAA lobbyist group in Canada would suddenly flip a switch and move on to actually selling music rather than constantly lobbying the government to change the laws so that they look like the highly flawed laws of the United States. Given the most recent push to get a "6 strike regime" in place in the US, such a thing, I would imagine, would be too tantalizing for CRIA to pass up; saying, "Look, the US changed their system. Everything the US does must be good and we need to do whatever the US does!" One thing is for sure, I don't see it being impossible that Canadians will be trying to stop this new organization called "Music Canada" from getting ISPs to implement a three strikes regime in the next year or so. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Canada’s Usage Based Billing Hearings Kicks Off

Drew Wilson — Tue, 12 Jul 2011 15:41:34 +0000

In a way, it's surprising that Canada is still talking about Usage Based Billing. Yet, here we are today with the CRTC (Canada's regulator for industries like this) holding hearings on ISPs pushing to make sure Usage Based Billing is permitted in the marketplace.

Usage Based Billing, as far as Canadians are concerned, is effectively a method to make consumers pay twice for the same service. First, there's the connection fee which everyone is all too familiar with. Then, what is being proposed, is that consumers pay again based on how much traffic they generate. In short, it's ISPs trying to double dip while taking advantage of the fact that competition is pretty much non-existent in Canada given that there really is only three main ISPs available. The debate itself over whether or not ISPs should be allowed to put this in place has been around a long time in Canada. In fact, there was a surge in interest for network neutrality clear back in 2008 when Bell Canada wanted to throttle Canadian internet connection speeds. Canadian ISPs were borrowing a lot from the debate in the US at the time which included the most famous myths - the data "exaflood" This term was used to describe how data use would exponentially increase because more and more users were using sites like YouTube. Record labels even jumped in to say that it's almost exclusively piracy that is causing this congestion. In their theory, the flood of internet use would tie up the internet and cause traffic to slow to a grinding halt, destroying the internet forever should nothing happen to stop it. Heroically, ISPs would come to the rescue and ask for simple permission to throttle all these so-called "bandwidth hogs" and save the internet from complete destruction. Unfortunately, for ISPs, that was about the peak of the credibility of their arguments. Canadians were very familiar with the debate going on in the US and how supporters of ISPs were going about selling their message. There were two very famous examples that really led to further doubt of the ISPs position of this exaflood of traffic. The first was the ever famous speech by Ted Stevens talking about how the internet is a "series of tubes" which can be found on YouTube: Suffice to say, the description did nothing to further the case that traffic needs to be throttled to deal with the impending "exaflood" In addition to the speech, there was also a well-known video floating around at the time. It was apparently a TV advertisement that said how bad network neutrality was. The argument was that anything people said to support network neutrality was just "mumbo jumbo" The ad probably did little more than point to the extreme absurdities the debate climbed to - particularly for the anti-net neutrality position. Suffice to say, it did prompt many Canadians to ask interesting questions for Canadian ISPs like, if there was going to be an impending exaflood of data, and ISPs are unable to cope, then why not invest more in infrastructure to handle such an amount? Canadian ISPs simply had no real answer to this. This prompted farm more skepticism towards the so-called plight of Canadian ISPs, so the ISPs simply focused on trying to convince regulators to go along with their plan anyway. At some point, the CRTC requested the data to back up the suggestion that networks were, in fact, congested. Really, it was a simple request, and, if ISPs were telling the truth this whole time, then there wouldn't really be a problem sharing this data in the first place. Naturally, ISPs were very hesitant, trying to throw every rule in the book at the CRTC to avoid revealing such data. While there was citations of competition reasons, the real reasons were to be revealed - that the crises was, in fact, a manufactured one. We here at ZeroPaid, were also more than just a little interested in what was revealed. What was revealed was that ISPs were not really that congested after all. In fact, Bell Canada revealed at the time that they were at a mere 33% capacity at peak hours. To put it briefly, everything blew up in their faces. Two months later, Bell Canada was still trying to salvage the situation on the PR font by insisting that 8% congestion in two cases were sufficient data to point to a crises, but few really bought in to the argument at that stage. The whole network congestion argument simply unraveled from there. While throttling happened anyway in Canada, the greatest weapon to push for ending net neutrality became a dud. Today Now, here we are, three years later and a network neutrality issue is before Canadians. It almost seems strange in a way that Canada is still having this discussion. The reason why it might seem strange is because the Canadian government decided back in February that the CRTC was wrong in allowing metered bandwidth. Ultimately, the government reversed the CRTC decision and blocked metered bandwidth. So, even though the government made a decision, the CRTC did go ahead on holding hearings on this issue. Michael Geist is following the hearings and has made notes on what was discussed. At issue was the reason why exactly was metered bandwidth even needed in the first place. It seems that it's not a question of congestion, but rather, competition. Geist noted that once questioning began, the link between congestion and usage based billing unraveled:

CRTC Chair Konrad von Finckenstein asked why - if Bell was facing network congestion - sister company Bell Aliant has not implemented UBB. Bell argued that Bell Aliant "supported" UBB, but acknowledged that competitive forces and marketplace conditions in Atlantic Canada were such that UBB is currently not needed. Of course, von Finckenstein didn't need to look at Bell Aliant as his example - Bell itself employs different caps in Ontario and Quebec given the different competition from Videotron and Rogers. Their approach isn't a function of congestion, but rather competition. In fact, when Bell was asked whether it planned to keep data caps for its retail customers, it responded that it did, subject to "competitive dynamics." The effects of competition was further confirmed when Telus appeared as it noted that it doesn't use UBB, it isn't a pressing issue, and that competition with Shaw has led to far more generous plans than those found in other parts of the country. Discussion on the lack of a link between congestion and UBB continued as Commissioners Molnar and Denton asked why Bell was promoting a plan that involves aggregate usage rather than peak usage. Molnar noted that aggregate usage is not linked to congestion and that it appeared to simply create incentives to reduce Internet use more generally. Bell agreed, leaving Molnar to respond that this was a problem since it reduced Internet use with no benefit to addressing congestion. Denton continued on the same theme, asking why the CRTC would want to try to reduce Internet use other than in an effort to address congestion. Add Bell's acknowledgement that its pricing is not a function of actual costs but rather the market and the conclusion is that all elements of UBB - use of caps, pricing, and size of caps - are a function of the regional marketplace dynamics, not congestion concerns. Moreover, the Commissioners seemed to understand why this issue is so troubling, with Molnar emphasizing the dangers of a policy that discourages Internet use and Denton linking UBB to cloud computing and the fears that caps would harm that emerging industry.

There is the question about where small ISPs stand in all of this. It appears that they are very much against this. The Toronto Star reported that the smaller ISPs feel that this push for usage based billing is little more than attempt to drive the competition out of business:

The smaller ISPs have argued they would be driven out of business if they have to use the same pricing model employed by the large players, who charge extra if the retail customers exceed monthly usage limits. CRTC chairman Konrad von Finckenstein told the hearing Monday that the commission is only looking at the wholesale prices that independent Internet providers pay for network use and not retail rates that are charged to their consumers. Bell withdrew its usage-based billing tariff earlier this year and is proposing wholesale pricing for ISPs that reflects a flat-rate access fee on speed and charges 29 cents per gigabyte for any extra gigabytes needed to accommodate overall usage in a month. Bell also said that its recently launched Internet-Protocol television service doesn’t contribute to its network congestion because it operates over a separate network.

Personally, I think the best part in all of this is that somehow, the services by the large ISPs being sold to consumers in no way shape or form contribute to network congestion, but somehow, these smaller ISPs do. This would most certainly support the idea that usage based billing is merely a competition maneuver, and not really a solution for any alleged congestion.

P0keu Dumps Usernames and Passwords of TamilCanadian.com to Pastebin

Drew Wilson — Wed, 06 Jul 2011 10:56:48 +0000

Another day, another database dump. This time, it's the user names and passwords of a website called TamilCanadian which appears to be a blog.

P0keu seems to be a peculiar hacker. A number of hackers who post under the banner of AntiSec typically give a reason why they decided to hack a certain company, government website, etc. P0keu, on the other hand, just dumps databases without giving much of a reason. Today, on his Twitter account, the hacker announced that another database was dumped. The database was posted to Pastebin. The hacker merely gave the following statement in the release:

I'll leave this right here..

The release appears to be the usernames, passwords (hashed) and e-mail accounts of the website. Judging by the line count, it's about 2658 accounts that were compromised. The release was made available about an hour ago as of this writing. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Anti-Surveillance Petition Strikes a Chord with Canadians

Drew Wilson — Sun, 26 Jun 2011 11:00:23 +0000

The Canadian government has gone through a 58 hour filibuster with regards to the Canada Post lockout. With this out of the way, some are fearing what the Canadian Conservative government will do next. One of the things that could be in the pipe-line is the much feared warrantless wiretapping legislation. It sparked one group to put together a petition that is already garnering huge success.

Canadians have been down this road before. In 2008, the Liberals were proposing what is still known to this day as "Lawful Access". The debate which was debated back in 2008 and even further back into 2005 when it took the iteration of Bill C-74 back then. In both the 2005 and 2007-2008 instances, the Liberal party were the ones pushing the legislation. Now today, roughly 6 years later, very little has changed save for the possibility that the Conservative party is now pushing for Lawful Access legislation. The arguments against Lawful Access should be very familiar for those, like me, who sat through the debates over whether or not Lawful Access should be passed in the first place. It's too expensive for various companies to implement, it uses resources that authorities don't have, it's too expensive for companies to maintain, it'll never be 100% effective given the existence of technology such as VPN and TOR, it's an infringement on people's rights, there is no court oversight, it can easily be abused, it does little to nothing at solving crime in the first place and it could make tihngs worse for authorities as it would encourage anyone they could be after to adopt more effective ways of avoiding surveillance, making it harder for authorities to keep track of the very people they want to keep track of. One can already get that Groundhog Day feeling just listing off the reasons why Lawful Access is bad. Regardless, Open Media has launched a petition website called Stop Online Spying (stopspying.ca) to encourage users to get involved early in opposing any such legislation. The petition makes the following arguments:

The government is trying to ram through an anti-Internet set of electronic surveillance laws that will invade your privacy and cost you money. The plan is to force every phone and Internet provider to surrender our personal information to "authorities" without a warrant. This bizarre legislation will create Internet surveillance that is: * Warrantless: A range of "authorities" will have the ability to invade the private lives of law-abiding Canadians and our families using wired Internet and mobile devices, without a warrant or any justification. * Invasive and Dangerous: The laws leave our personal and financial information less secure and more susceptible to cybercrime. * Costly: Internet services providers may be forced to install millions of dollars worth of spying technology and the cost will be passed down to YOU.

Michael Geist notes that the online petition received thousands of signatures on it's first day. As of this writing, the petition has collected a grand total of 36,677 signatures. It's a number that only stands to grow given how Canadians reacted to previous iterations of Lawful Access. The CBC adds:

The petition is backed by the Canadian and B.C. civil liberties associations, the Canadian Internet Policy and Public Interest Clinic at the University of Ottawa and the Tyee, a B.C.-based news and culture website. Several unions and independent media outlets are also supporting the campaign.

What will be interesting this time is seeing how opposition toward this legislation fares against a Conservative majority government. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Editorial: Digesting the Canadian Election Results and Subsequent Possible Online Policy

Drew Wilson — Wed, 04 May 2011 04:28:58 +0000

Most Canadians and many around the world are waking up to the reality of what happened during the election - that is a Conservative majority government. The question remains, how will digital policies shape up now?

Let's point out something very obvious: Bill C-60 during the Liberal government, Bill C-61 of the later Conservative government, and Bill C-32 of the previous Conservative government. What are a few things these bills had in common? They all dealt with copyright. They all had American style copyright reforms in them (earlier ones more than the later ones), and they all died on the order paper because each government was under a minority government situation and they dies on the order paper as a result. Now, what makes this government different than the others in the past? It's a majority government meaning that Canadians won't have their say on issues until 2015 because there are more Conservatives then there are all other political parties combined. This means that the one thing protecting Canadians from bad copyright policy is gone and that has a lot of people very nervous for the future of Canada in an online world. Michael Geist has weighed in on this saying that there are pitfalls and opportunities on the horizon because of privacy reform and the more progressive copyright law seen in the previous session. Russell McOrmond watched the election and offered up some advice including this: "Don’t blindly follow the protectionist demands of the US democrats". While others have yet to weigh in, there's that sense that somehow, politicians within the Conservatives can be swayed to table sound policy - especially on issues like copyright. I can't say I'm that optimistic because the Conservatives have primarily been a "my way or the highway" type of party to begin with. Since they have the majority of the seats, they hold all the keys, and thus, they are accountable to no one. They don't have to listen to Canadians any more at this stage for the next four years. I really almost don't want to run through what is up at the cutting block because it sickens me just thinking what can happen in the next four years, but it is, nevertheless, the informative thing to do to begin with. Removal of Funding from Opposition Parties When the Canadian Pirate Party managed to joined the political process in Canada, it was seen as a major victory for those who focus on online issues because if any party understood issues like copyright and privacy online, it would be the Pirate Party of Canada. Now, the Conservatives have vowed to end public subsidies to political parties. Normally, parties receive 2 dollars for every vote. With the Conservatives vowing to end that, it will mean smaller parties will be substantially harmed including, very likely, the Pirate Party. What this will do is essentially Americanize the political system in Canada so that only parties that have the backing of large corporations can be heard. That could mean that, in the future, online rights will have a very hard time trying to survive a corporate sponsored political system because political parties then have to go to multi-million dollar companies to get funding or risk being drowned out on the airwaves and the teams of publicisits online. Conservatives have vowed to gut this policy, so it's very unlikely it'll be around by 2013. Privacy Online on Life Support? The Conservatives did suggest that they will create an omnibus anti-crime bill soon after coming in to political power. Bundled in that will very likely be the surveillance legislation that online advocates have been fighting against for years. In past iterations, this legislation has been about gathering information on unsuspecting people online without a warrant. Realistically speaking, if it gets any worse now than before, it'll essentially be the same thing as the warrantless wiretapping going on in the US. Since Conservatives are famous for their jet's n' jails policy as far as opposition parties are concerned, this is just about a guarantee that we'll have that. So, maybe researching VPN services would be the next best option for Canadians at this point and the moment such legislation is tabled, take up such services because the government will very likely be watching your communications whether for legitimate or illegitimate reasons. The Canadian DMCA This should be just about self-evident to most copyright watchers. Bill C-61 was pretty much the Canadian DMCA at its worst under the Conservative governments of the past. They tried a more moderate approach to appease voters with Bill C-32 in the last session, but with the pressure of being accountable off of their shoulder, chances are, the Conservatives will simply revert to the worse of the two laws. We certainly know from Wikileaks that when Conservatives are in power, American corporations write our laws - especially on copyright issues. What are corporations pushing throughout the world right now? Just ask New Zealand where Wikileaks revealed, much to the dismay of some political parties there, how Hollywood dictated to New Zealand that they are going to have a three strikes law. So, at this stage, I personally think that it's a very real possibility that Canadians will be fighting a three strikes law in the future. There are also a few other options plausibly on the table on copyright. In the US, there was the push to pass something called the "INDUCE" act that outlawed "inducing someone to infringe. Some critics felt that any piece of technology that could theoretically be used to infringe could also be inducement. One offshoot possibility that I can say is too early to tell is whether or not copyright could be so strict, that even discussing infringement could be a crime. That possibility isn't as likely as a copy of the INDUCE act, but I can say that this would be a worst case scenario. There is also the matter of international agreements. With ACTA (Anti-Counterfeiting Trade Agreement) and TPP (Trans Pacific Partnership Agreement), there's really no barriers now to stopping some of the worst kinds of international pressure to change the criminal code at this stage should they both be finalized in the next four years. TPP in particular would worse ISPs to become copyright cops and create the much reviled three strikes law in case the Conservatives don't create one on their own. Conclusion Yes, this is entirely speculation and yes, there needs to be a continual reminder that Canadians want better lawmaking in these areas, but I can't say I would be surprised if Canadians are ignored on these important issues. I should know being in a Conservative stronghold myself. I know how much (lack) of representation a constituent gets first-hand if they live in a Conservative riding. When Harper runs the Canadian Charter through a Conservative branded shredder made in China, he'll do it with a smile and assurance that it's for our own good. Don't like this outlook? Prove me wrong. I seriously hope, above all else, that I am completely wrong on this and the Canadian government doesn't choose to enact half of this, but I personally wouldn't count on a positive outlook in the future. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

PSN Outage: Day 10 – FBI, Congress and 22 State Attorneys General Get Involved

Drew Wilson — Sat, 30 Apr 2011 19:00:24 +0000

It is now day 10 of the infamous Sony PSN (PlayStation Network) outage. Already, 5 countries are involved including the US, UK, a city in China, Australia and Canada. Now, it seems the US has increased its involvement in this outage. The FBI, Congress and 22 State Attorneys General are going to be joining the Department of Homeland Security in this.

It's not difficult to picture Sony's US headquarters these days - men in black wandering around in small cubicle farms, phones ringing off the hook, politicians pounding on their doors and server rooms mummified in caution tape. As we've noted in previous days, government involvement is increasing all over the world, one government even threatening Sony with fines. It seems as though government involvement is only increasing these days. We begin with congress. According to the New York Times, the Subcommittee on Commerce, Manufacturing and Trade has sent a letter to Sony (PDF) demanding answers. They are asking, among other things, when and how they were aware of the breach, when authorities were notified of the breach, why there was a delay in notifying customers, why Sony doesn't believe credit card information is in the wrong hands, and where does Sony go from here. The letter was signed by Chairman Mary Bono Mack and G.K. Butterfield, a ranking member. It seems that Congress isn't the only ones getting involved. TGDaily notes that the FBI is also involved in this now:

"The FBI is aware of the reports concerning the alleged intrusion into the Sony on line game server and we have been in contact with Sony concerning this matter," special agent Darrell Foxworth told Kotaku. "We are presently reviewing the available information in an effort to determine the facts and circumstances concerning this alleged criminal activity."

Kotaku also found out (Canadian URL) that 22 states are involved at this point:

Meanwhile attorneys general from 22 states are demanding answers from Sony over the breach, asking why it took the company so long to alert customers to the attack. That group of state attorneys general are sharing information with one another about their individual inquiries, Susan Kinsman, communications director for the Connecticut Office of the Attorney General told Kotaku. The collection of attorneys general have also contacted the Federal Trade Commission to see if they have launched their own federal investigation, she said.

An Attorney General issued a press release (PDF) which contains the following:

Sony has confirmed the compromised data may include a wide range of personal information such as user names, addresses, birth dates, e-mail addresses, account login data, and potentially credit card information. In addition to video game playing, Sony’s network can also be used to access other entertainment networks such as Netflix, Facebook and Twitter. In a letter to Sony, Jepsen asked for more details about the extent of the breach, what third-party products may be affected, and the steps the company is currently taking to protect its users. He also expressed concern about whether Sony promptly detected and alerted customers about the breach. “In this era of increasing reliance on technology, it is vitally important that all entities entrusted with nonpublic personal information employ the highest levels of data security,” Jepsen wrote. “I expect Sony to work with and protect any consumers harmed as a result of this breach, and will review Sony’s efforts to protect private information.” Sony first detected an intrusion on April 20 and reported it as a network outage. On Monday, five days after the initial intrusion, Sony analysts confirmed the actual data breach. The company alerted customers Tuesday that their personal data may be at risk.

Interestingly enough, the Kotaku article mentioned the possible involvement of the FTC. While it's possible that the FTC has jurisdiction, apparently, the FTC wouldn't confirm if they are also investigating. Meanwhile, in Canada, a second privacy commissioner is getting involved. There was already the Privacy Commissioner of Canada that is involved, but now, a Provincial privacy commissioner is getting involved. From Global TV BC:

Alberta's Information and Privacy Commissioner Frank Work is warning Playstation users to be on the lookout for suspicious activity on their accounts after Sony reported that the information of 77 million users worldwide had been compromised by a possible hacker. News of the breach came on Tuesday, when Sony released an online letter to users. “Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address, country, e-mail address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID,” the letter said.

It's extremely difficult to just keep tabs on all the developments. Figuring out who all is involved is quite a task in and of itself - and those are the ones being reported in the media at this time. Who knows who is unofficially involved? This leads to one possible problem, co-ordinating the effort. With so many moving parts now on the scene, how does so many entities stay focused and work with each other on this issue? It'll be interesting to see how everything stays organized at this point. While some details remain sketchy, we do know now that Sony will be holding a conference to explain what is going on. From NowGamer:

The conference, being held tomorrow at 2PM in Japan (5AM UK) will address the recent PSN outage and when Sony expects the PSN to be back up. Sony's Kaz Hirai will reveal information regarding the PSN hack and subsequent loss of service, as well as detail the systems it is putting in place to resume PlayStation and Qriocity networks. Sony has already announced that it expects some services of PSN to be back up by the 4 May, so hopefully we'll find out tomorrow just what this means for gamers.

Not exactly the Tuesday reboot day that was floating around earlier, but it is merely a day later than expected. Do you think that those who broke in to the network will get caught? Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Canadian ISP Telus Plans “Customer Friendly” Data Caps

Jared Moya — Fri, 29 Apr 2011 13:46:15 +0000

Telus spokesman Shawn Hall says that customers will get "lots of warning," and lots of opportunities to switch to more expensive data plans when it rolls out usage-based billing later this year.

It appears there's a race to the bottom going on among Canadian ISPs with news that Telus also plans to introduce data caps some time later this year. "It's going to be really customer friendly," Telus spokesman Shawn Hill told CTV News. "You'd be forgiven for the first month you go over. You'd get lots of warning, lots of notice that you were going over with options of moving to other plans." Customers who subscribe to the $35 p/mo broadband package can expect a data cap of a mere 75GB! "It's only fair that people pay for how much Internet capacity they use," Hall said. But, this assertion has already been debunked by none other than Bell Canada itself. In remarks made during last August’s second quarter conference call, Bell Canada Enterprises CEO George Cope, said that "almost all the increase" in average revenue per user was "coming from usage-based billing as the demand for Internet use explodes through the use of video services." The revenue wasn't needed to offset the increased costs it claims are associated with the rise in data usage. Revenue per customer was up, and three months later Cope even admitted that usage-based billing revenue was up a staggering 83% from the year before. When it comes down to it, as Cope has also told shareholders, usage-based billing is a way to "monetize bandwidth." The problem with UBB and data caps is that creates economic disincentives to consume bandwidth and use online services just as increasing the price of gasoline discourages the use of an automobile. Moreover, to date no ISP has been able to reasonably argue that overage fees have any relationship to the actual costs incurred. Does it really cost an ISP $1 if I exceed my data cap by a measly 5GB? Data caps are nothing more than the product of a lack of true ISP competition, and so long as that's the case ISPs will be able to create new ways to "monetize bandwidth" at the expense of their customers. Let's just hope that a 75GB data cap doesn't become an industry norm. Stay tuned. jared@zeropaid.com